Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/e849bb-1304-44ea-838f-1a39c3d34f08/1/vmBP81opyRFWvkvSKbO693yDl70.mft
File:                     vmBP81opyRFWvkvSKbO693yDl70.mft (raw, json)
Hash identifier:          WSZI3iFtz6y8wLZQr+qlkhGshrO2Hr72SiFd3jETZSA=
Subject key identifier:   A7:56:E5:12:9C:53:4B:33:EC:20:B1:ED:24:9E:55:AB:B5:5A:4B:A1
Authority key identifier: BE:60:4F:F3:5A:29:C9:11:56:BE:4B:D2:29:B3:BA:F7:7C:83:97:BD
Certificate issuer:       /CN=be604ff35a29c91156be4bd229b3baf77c8397bd
Certificate serial:       0190411BDB8C27327C89B7C385E77EA4F01C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/vmBP81opyRFWvkvSKbO693yDl70.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/22/e849bb-1304-44ea-838f-1a39c3d34f08/1/vmBP81opyRFWvkvSKbO693yDl70.mft
Manifest number:          03FF
Signing time:             Sat 22 Jun 2024 18:01:03 +0000
Manifest this update:     Sat 22 Jun 2024 18:01:03 +0000
Manifest next update:     Sun 23 Jun 2024 18:01:03 +0000
Files and hashes:         1: lvr0cznDn9OLv8_GSLRIXI64Wxo.roa (hash: zu8w05vyZSovZLtJMQNXGH94uFEApQY9SVsNop1J/y8=)
                          2: vmBP81opyRFWvkvSKbO693yDl70.crl (hash: CR0z+J0O0Dmw8rJUpnWs7F//YN8MD6ZQwzE1d12jzRM=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/22/e849bb-1304-44ea-838f-1a39c3d34f08/1/vmBP81opyRFWvkvSKbO693yDl70.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/22/e849bb-1304-44ea-838f-1a39c3d34f08/1/vmBP81opyRFWvkvSKbO693yDl70.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/vmBP81opyRFWvkvSKbO693yDl70.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 23 Jun 2024 18:01:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:90:41:1b:db:8c:27:32:7c:89:b7:c3:85:e7:7e:a4:f0:1c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=be604ff35a29c91156be4bd229b3baf77c8397bd
        Validity
            Not Before: Jun 22 18:01:03 2024 GMT
            Not After : Jun 23 18:01:03 2024 GMT
        Subject: CN=a756e5129c534b33ec20b1ed249e55abb55a4ba1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:d0:8e:82:02:44:2f:f7:98:9c:4c:ac:69:c1:
                    8a:a1:73:43:f8:66:17:0c:35:a7:d5:3c:65:cd:9d:
                    c7:1e:29:16:7b:6e:5d:d2:67:b8:a4:3d:07:ee:03:
                    61:1a:54:9b:26:c8:2a:e7:a3:b9:ba:15:f5:bd:6d:
                    aa:f9:a8:dc:d6:9f:1f:20:c2:e7:f3:da:ed:2a:cd:
                    18:2e:06:1e:47:d0:55:35:50:fd:82:3c:7d:7a:cb:
                    21:68:05:bb:b2:49:4a:9e:22:c7:f2:4f:a8:f2:9e:
                    ef:24:57:04:56:a2:d7:97:39:b6:57:ac:b6:a4:8a:
                    80:cf:cd:6f:a2:cf:bc:24:f7:f9:7e:2f:37:e8:fc:
                    f4:65:56:a5:1f:53:c0:ea:51:07:de:45:36:f7:21:
                    4f:64:6f:ea:92:ab:e3:27:fa:f7:94:14:c5:c4:88:
                    df:41:03:79:62:55:6d:e8:07:41:60:6f:de:af:13:
                    b6:6b:5c:7a:57:bb:8c:ad:08:20:38:af:c3:8d:4d:
                    0a:1d:b8:45:08:42:89:ca:dc:4b:a3:1c:6c:b3:23:
                    8b:e2:3a:07:2d:aa:44:35:a5:d8:48:a5:08:07:81:
                    db:0a:18:d6:40:81:7b:bf:b4:50:68:4d:a0:d8:66:
                    59:81:f1:7b:67:0e:dc:aa:0b:3a:5e:49:c4:ac:d6:
                    f4:c5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A7:56:E5:12:9C:53:4B:33:EC:20:B1:ED:24:9E:55:AB:B5:5A:4B:A1
            X509v3 Authority Key Identifier:
                keyid:BE:60:4F:F3:5A:29:C9:11:56:BE:4B:D2:29:B3:BA:F7:7C:83:97:BD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vmBP81opyRFWvkvSKbO693yDl70.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/e849bb-1304-44ea-838f-1a39c3d34f08/1/vmBP81opyRFWvkvSKbO693yDl70.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/22/e849bb-1304-44ea-838f-1a39c3d34f08/1/vmBP81opyRFWvkvSKbO693yDl70.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         be:b9:09:99:35:3b:6e:c4:70:43:7c:8d:35:fe:80:17:f8:c7:
         9c:82:59:b1:ee:91:22:55:63:de:89:e6:63:e1:f5:4b:cb:fe:
         21:ca:5b:10:df:79:d8:69:98:ee:20:1d:ad:35:54:25:ab:c9:
         5a:64:9e:65:08:2b:ab:d0:ea:6b:d0:80:2c:1c:ac:50:b8:ea:
         21:cf:9e:d2:7c:3b:be:88:1d:5e:86:c8:0e:c3:87:ed:91:54:
         29:f6:98:6b:37:82:d9:f2:64:e5:df:2e:21:90:cf:59:21:25:
         73:fd:64:bf:e8:90:11:03:39:3d:9d:0c:ea:38:0f:af:b9:c0:
         1a:2e:d7:10:14:bc:f0:24:75:f3:f8:16:a0:c6:e1:47:03:2f:
         d1:cc:fe:b7:0a:01:8f:5a:6f:f8:00:28:61:3c:72:7b:35:04:
         10:ca:d0:81:07:c4:d6:10:cc:c2:14:52:2e:94:66:ca:20:f7:
         b9:af:cb:6e:ab:52:a5:6c:06:9f:8f:e4:57:1d:e0:33:e2:ca:
         42:d5:47:80:c4:1b:66:6c:66:ba:f8:6a:7b:1c:ea:b6:21:33:
         e1:56:da:81:72:50:96:20:64:13:42:e2:83:49:47:7e:79:8c:
         af:40:29:f4:36:42:0d:88:3c:95:e1:e2:a3:e4:39:54:6d:a0:
         a2:ff:cc:75
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZBBG9uMJzJ8ibfDhed+pPAcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJlNjA0ZmYzNWEyOWM5MTE1NmJlNGJkMjI5YjNiYWY3N2M4
Mzk3YmQwHhcNMjQwNjIyMTgwMTAzWhcNMjQwNjIzMTgwMTAzWjAzMTEwLwYDVQQD
EyhhNzU2ZTUxMjljNTM0YjMzZWMyMGIxZWQyNDllNTVhYmI1NWE0YmExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqtCOggJEL/eYnEysacGKoXND+GYX
DDWn1TxlzZ3HHikWe25d0me4pD0H7gNhGlSbJsgq56O5uhX1vW2q+ajc1p8fIMLn
89rtKs0YLgYeR9BVNVD9gjx9esshaAW7sklKniLH8k+o8p7vJFcEVqLXlzm2V6y2
pIqAz81vos+8JPf5fi836Pz0ZValH1PA6lEH3kU29yFPZG/qkqvjJ/r3lBTFxIjf
QQN5YlVt6AdBYG/erxO2a1x6V7uMrQggOK/DjU0KHbhFCEKJytxLoxxssyOL4joH
LapENaXYSKUIB4HbChjWQIF7v7RQaE2g2GZZgfF7Zw7cqgs6XknErNb0xQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKdW5RKcU0sz7CCx7SSeVau1WkuhMB8GA1UdIwQY
MBaAFL5gT/NaKckRVr5L0imzuvd8g5e9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdm1CUDgxb3B5UkZXdmt2U0tiTzY5M3lEbDcwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi9lODQ5YmItMTMwNC00NGVhLTgzOGYt
MWEzOWMzZDM0ZjA4LzEvdm1CUDgxb3B5UkZXdmt2U0tiTzY5M3lEbDcwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMi9lODQ5YmItMTMwNC00NGVhLTgzOGYtMWEzOWMzZDM0ZjA4
LzEvdm1CUDgxb3B5UkZXdmt2U0tiTzY5M3lEbDcwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAvrkJmTU7
bsRwQ3yNNf6AF/jHnIJZse6RIlVj3onmY+H1S8v+IcpbEN952GmY7iAdrTVUJavJ
WmSeZQgrq9Dqa9CALBysULjqIc+e0nw7vogdXobIDsOH7ZFUKfaYazeC2fJk5d8u
IZDPWSElc/1kv+iQEQM5PZ0M6jgPr7nAGi7XEBS88CR18/gWoMbhRwMv0cz+twoB
j1pv+AAoYTxyezUEEMrQgQfE1hDMwhRSLpRmyiD3ua/LbqtSpWwGn4/kVx3gM+LK
QtVHgMQbZmxmuvhqexzqtiEz4VbagXJQliBkE0Lig0lHfnmMr0Ap9DZCDYg8leHi
o+Q5VG2gov/MdQ==
-----END CERTIFICATE-----
Generated at Sun Jun 23 01:15:55 2024 by rpki-client on console-ams.rpki-client.org